Fix the problems with Object.defineProperty() and property unsealing / double-freezing. Implement it if not yet done.

Goal I: Raise awareness for the power or object freezing in a security context. ES5 can really make a change here.

Goal II: Raise awareness in seeing the DOM as the place where XSS attacks actually take place - and where they should be prevented. CSP is a great yet still immature start - but worth discussing and extending. Discuss specification drafts for a secure DOM and easy to configure capability profiles with reasonable and quantitative proofs of concept.

Long Term Goal: Discuss the possibility of vendor supported client side security mechanisms. Client side IDS/IPS based on ES5 can be possible - yet have to be designed and specified.